Closed zmip closed 2 years ago
The remaining href of a link, when it contains ampersands that are correctly encoded as & will be in the plaintext. That should not happen.
&
5 minutes later: okay, it leaves all encoded entities in the remaining string. Is that expected?
2 minutes later: will have to look at my code a bit better, I see I'm injecting from different sources. May be not be an issue afterall...
The remaining href of a link, when it contains ampersands that are correctly encoded as
&will be in the plaintext. That should not happen.5 minutes later: okay, it leaves all encoded entities in the remaining string. Is that expected?
2 minutes later: will have to look at my code a bit better, I see I'm injecting from different sources. May be not be an issue afterall...